Response After Final 
Application No. 09/843,403 
Page 8 



REMARKS 

Claims 1-2, 4-6, 8-15, 17-18, and 20-25 are pending in the above-identified application, 
and were rejected. With this amendment, no claims were amended, added or cancelled. 
Accordingly, claims 1-2, 4-6, 8-15, 17-18, and 20-25 are at issue. 
I. 35 U.S.C. § 102 Anticipation Rejection of Claims 

Claims 1, 2, 4-6, 8-13, 15, 17, 18, and 20-24 were rejected under 35 U.S.C. § 102(e) as 
being anticipated by Doyle (U.S. Patent No. 6,128,738). Applicants respectfully traverse this 
rejection. 

Claim 1 is directed to an access control system for use in a data transfer system which 
transfers data by means of public-key cryptosystem based on a public key certificate issued to an 
authentication object by a public key issuer authority. The access control system comprises a 
service provider, which is an authentication object and which provides services, a service 
receiving devics, which also is an authentication object and which receives services provided by 
the service provider, and an access control server which issues to the service receiving device an 
access permission, which identifies a service provider an access to which by the service 
receiving device is permitted. The system holder which is an organization that provides or 
control contents usable by a user terminal, contents which enables provision of services, or a 
service distribution infrastructure. The service provider performs, based on the access 
permission, a decision as to whether an access request by the service receiving device is to be 
permitted and the system holder is configured to administrate the service provider and the service 
receiving device and to treat the service provider and the service receiving device as 
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authentication objects and generates the access permissions in a form independently usable for 
the service provider. 

Doyle is directed to method and system for enabling a single client certificate to be used 
in SNA communications to ensure security such that the certificate cannot be intercepted and 
reused. (See Abstract). In Doyle, when the host receives the information about which host 
application is selected, the host application provides the information and a bind request 307 is 
sent from the host to the client. The client responds with a bind response 309. The host 
application then sends a request to the client for their certificate 311. The client then responds by 
creating a security packet and sending the security packet to the host 313 for authentication. The 
host application forwards the client's certificate to a host access control 315. The host access 
control returns a response to the host application 317. At that point, logon is complete and 
application data begins to flow 319 between the client and the host application. (Col. 1, line 67 - 
Col. 2, line 14). Thus, both the client and host application are required to store and administrate 
various kinds of data for authentication, increasing the load on each device. Examiner has stated 
Doyle (Col. 1, line 66 - Col. 2, line 15) discloses that the certificates and signatures created are 
usable for a plurality of services. However, Doyle requires distinct configuration and 
authentication for each host application. Doyle does not disclose or suggest generation of the 
access permissions in a form independently usable for the service provider. Accordingly, claim 1 
and claims 2, 4-6, and 8-14, which depend from claim 1, are allowable over Doyle. 

For reasons similar to those disclosed above with regard to claim 1, Applicants 
respectfully submit that the independent claim 15 and claims 17-18 and 20-25, are also allowable 
over Doyle. Accordingly, Applicants respectfully request withdrawal of this rejection. 
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II. 35 U.S.C. § 103 Obviousness Rejection of Claims 

Claims 14 and 25 were rejected under 35 U.S.C. § 103(a) as being unpatentable over 
Doyle (U.S. Patent No. 6,128,738) in view of Misra (U.S. Patent No. 5,757,920). Applicants 
respectfully traverse this rejection. 

As discussed above, Doyle does not disclose or suggest generation of the access 
permissions in a form independently usable for the service provider. Thus, it would not have 
been obvious to one skilled in the art at the time the invention to modify the system/method to 
generate access permissions in a form independently usable for the service provider, as disclosed 
by Doyle, with the teachings of Misra to derive claim 14, which depends from claim 1, or to 
derive claim 25, which depend from claim 15. Accordingly, Applicants respectfully request 
withdrawal of this rejection. 

III. Conclusion 

In view of the above amendments and remarks, Applicants submit that all claims are 
clearly allowable over the cited prior art, and respectfully request early and favorable notification 
to that effect. 
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